* [PATCH] checkout: check return value of resolve_refdup before using hash
@ 2017-05-06 17:13 René Scharfe
2017-05-09 3:56 ` Jeff King
0 siblings, 1 reply; 2+ messages in thread
From: René Scharfe @ 2017-05-06 17:13 UTC (permalink / raw)
To: Git List; +Cc: Junio C Hamano, Johannes Schindelin, Jeff King, Stefan Beller
If resolve_refdup() fails it returns NULL and possibly leaves its hash
output parameter untouched. Make sure to use it only if the function
succeeded, in order to avoid accessing uninitialized memory.
Found with t/t2011-checkout-invalid-head.sh --valgrind.
Signed-off-by: Rene Scharfe <l.s.r@web.de>
---
builtin/checkout.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/builtin/checkout.c b/builtin/checkout.c
index bfa5419f33..6c3d2e4f4c 100644
--- a/builtin/checkout.c
+++ b/builtin/checkout.c
@@ -833,7 +833,8 @@ static int switch_branches(const struct checkout_opts *opts,
int flag, writeout_error = 0;
memset(&old, 0, sizeof(old));
old.path = path_to_free = resolve_refdup("HEAD", 0, rev.hash, &flag);
- old.commit = lookup_commit_reference_gently(rev.hash, 1);
+ if (old.path)
+ old.commit = lookup_commit_reference_gently(rev.hash, 1);
if (!(flag & REF_ISSYMREF))
old.path = NULL;
--
2.12.2
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH] checkout: check return value of resolve_refdup before using hash
2017-05-06 17:13 [PATCH] checkout: check return value of resolve_refdup before using hash René Scharfe
@ 2017-05-09 3:56 ` Jeff King
0 siblings, 0 replies; 2+ messages in thread
From: Jeff King @ 2017-05-09 3:56 UTC (permalink / raw)
To: René Scharfe
Cc: Git List, Junio C Hamano, Johannes Schindelin, Stefan Beller
On Sat, May 06, 2017 at 07:13:52PM +0200, René Scharfe wrote:
> If resolve_refdup() fails it returns NULL and possibly leaves its hash
> output parameter untouched. Make sure to use it only if the function
> succeeded, in order to avoid accessing uninitialized memory.
>
> Found with t/t2011-checkout-invalid-head.sh --valgrind.
>
> Signed-off-by: Rene Scharfe <l.s.r@web.de>
> ---
> builtin/checkout.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/builtin/checkout.c b/builtin/checkout.c
> index bfa5419f33..6c3d2e4f4c 100644
> --- a/builtin/checkout.c
> +++ b/builtin/checkout.c
> @@ -833,7 +833,8 @@ static int switch_branches(const struct checkout_opts *opts,
> int flag, writeout_error = 0;
> memset(&old, 0, sizeof(old));
> old.path = path_to_free = resolve_refdup("HEAD", 0, rev.hash, &flag);
> - old.commit = lookup_commit_reference_gently(rev.hash, 1);
> + if (old.path)
> + old.commit = lookup_commit_reference_gently(rev.hash, 1);
I wondered for a second what the value of old.commit would be in the
error case. But it should be NULL due to the memset above.
But what happens after that? Is everybody OK with NULL? I briefly poked
through the callees (merge_working_tree, update_refs_for_switch, and
post_checkout_hook) and they all seem to explicitly handle the NULL.
So I think this is good (well, clearly your change was an improvement
either way, but I feel more confident now that there is nothing else to
be fixed on top of it).
-Peff
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-05-09 3:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-05-06 17:13 [PATCH] checkout: check return value of resolve_refdup before using hash René Scharfe
2017-05-09 3:56 ` Jeff King
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).